package com.zhiyou100.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import com.zhiyou100.model.Permission;
import com.zhiyou100.model.Role;
import com.zhiyou100.model.User;
import com.zhiyou100.service.UserService;

@Component
public class UserRealm extends AuthorizingRealm{

	@Autowired
	private UserService userService;
	
	
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection collection) {
		//String account = (String) collection.getPrimaryPrincipal();
		//User user = userService.queryByAccount(account);
		//省略了从数据库再次查询的次数
		//但是需要下面的登录认证方法Principal放的是user对象
		User user = (User) collection.getPrimaryPrincipal();	
		
		SimpleAuthorizationInfo info  = new SimpleAuthorizationInfo();
		for(Role role : user.getRoles()){
			info.addRole(role.getName());
		}
		for (Permission permission : user.getPermissions()) {
			info.addStringPermission(permission.getName());
		}
		return info;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		String account = (String)token.getPrincipal();
		String password = new String((char[]) token.getCredentials());
		User user = userService.queryByAccount(account);
		if (user == null) {
			throw new UnknownAccountException("账号不存在");
		}
		if (!password.equals(user.getPassword())) {
			throw new IncorrectCredentialsException("密码错误");
		}
		//return new SimpleAuthenticationInfo(account,password,getName());
		return new SimpleAuthenticationInfo(user, password, getName());
	}

}
